Medido el 2026-07-11 · DNS público
¿Está us.hsbc.com protegido contra la suplantación de correo?
No — us.hsbc.com no tiene política DMARC y puede ser suplantado.
Postura sin cambios desde el 2026-06-19
Más protegido que el 0 % de bancos en Estados Unidos
El 80 % del sector ya aplica p=reject
F
DMARC
ausente
SPF
~all
DKIM
ninguno encontrado
Cómo corregirlo
Thomas, tu CISO virtual con IA, identifica cada fuente, escribe el DNS exacto y lleva tu dominio de p=none a p=reject con total seguridad.
Qué significa esto
- • Aucun enregistrement DMARC publié (_dmarc.<domaine>). Les destinataires n'ont aucune politique à appliquer.
- • SPF se termine par ~all (softfail) : acceptable en phase d’observation, viser -all à terme.
- • Aucune clé DKIM trouvée sur les sélecteurs courants (le domaine peut utiliser des sélecteurs non standards).
Historial
- 2026-06-26Primera mediciónSin DMARC
Sobre HSBC Bank USA
HSBC Bank USA, the American subsidiary of HSBC Holdings plc, operates through the domain us.hsbc.com as a major banking service serving retail and corporate clients across the United States. As an international financial institution, HSBC Bank USA manages a critical email perimeter encompassing communications with employees distributed across multiple countries, digital services for customers, official correspondence with regulators and financial partners, as well as transactional notifications linked to bank accounts. Securing the us.hsbc.com domain carries strategic significance, as financial institutions represent prime targets for identity spoofing attacks aimed at compromising sensitive customer data or perpetrating fraud schemes. The banking sector must comply with stringent regulatory frameworks including sectoral cybersecurity directives, and as an international group, HSBC is subject to enhanced security obligations according to the jurisdictions in which it operates. The implementation of robust DMARC, SPF, and DKIM protocols on us.hsbc.com constitutes a fundamental component of the strategy against phishing and domain spoofing attacks, ensuring the authenticity of communications issued from this domain. For an entity of this scale, mastering email infrastructure and validating each message through strong authentication mechanisms represents not only a compliance obligation but also an imperative for client trust and preservation of institutional reputation in a context where email-based banking fraud remains a persistent threat.
